package BLL;

import com.kook.ball.util.*;
import com.kook.ball.security.*;

import java.io.IOException;
import java.io.PrintWriter;
import java.security.NoSuchAlgorithmException;
import java.sql.Connection;
import java.sql.PreparedStatement;
import java.sql.ResultSet;
import java.sql.SQLException;
import java.sql.Statement;
import javax.annotation.Resource;
import javax.servlet.RequestDispatcher;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.annotation.WebServlet;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;
import javax.sql.DataSource;


/**
 * Servlet implementation class Login
 */
@WebServlet("/Login")
public class Login extends HttpServlet {
	private static final long serialVersionUID = 1L;
	/*private Connection conn;
	 public void init() {
		 conn = (Connection) getServletContext().getAttribute("connection"); 
		 }*/
	@Resource(name = "jdbc/security")
    private DataSource jdbcsecurity;
    private Connection conn;
    public void init() {
          try {
                 conn = jdbcsecurity.getConnection();
          		} 
          catch (Exception ex) 
          		{
                 System.out.println(ex);
          		} 
          }
    /**
     * @see HttpServlet#HttpServlet()
     */
    public Login() {
        super();
        // TODO Auto-generated constructor stub
    }

	/**
	 * @throws NoSuchAlgorithmException 
	 * @see HttpServlet#doGet(HttpServletRequest request, HttpServletResponse response)
	 */
    protected void processRequest(HttpServletRequest request,HttpServletResponse response) throws ServletException, IOException, NoSuchAlgorithmException {
    	PrintWriter out = response.getWriter();
    	String username=request.getParameter("username");
    	String password=request.getParameter("password");
    	PreparedStatement pst = null;
    	HashingProvider hashing=new HashingProvider();
   	 
    	try {
			
			String sql = "select * from Login where username= ?";
			pst = conn.prepareStatement(sql);
			pst.setString(1, username);
			
			ResultSet rs = pst.executeQuery();
			while ((rs.next()))
			{
		     String salt=rs.getString("salt");
		 	 String hash = hashing.hashSHA256WithSalt(password, salt);
		 	
		 	//out.print(hash);
		 	if(rs.getString("username").equals(username)&& rs.getString("passhash").equals(hash)){
		 		boolean loginflag = true;
		 		String email=rs.getString("email");
		 		String telephone=rs.getString("telephone");
		 		HttpSession session = request.getSession();
		 		session.setAttribute("username",username);
		 		session.setAttribute("email",email);
		 		session.setAttribute("telephone",telephone);
		 		request.getSession().setAttribute("username", username);
		 		request.getSession().setAttribute("email", email);
		 		request.getSession().setAttribute("telephone", telephone);
		 		request.getSession().setAttribute("loginFlag", loginflag);
	             response.sendRedirect("RequestOTP.jsp");
		 		//out.println("<h1>Sucessfully Login! </h1>");
		 	  }
			
			else{
				out.println("Invalid Username and Password");
			    }
			}
			
		} catch (SQLException e) {
			// TODO Auto-generated catch block
			e.printStackTrace();
		}
		
    }
	protected void doGet(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
		// TODO Auto-generated method stub
		try {
			processRequest(request, response);
		} catch (NoSuchAlgorithmException e) {
			// TODO Auto-generated catch block
			e.printStackTrace();
		}
	}

	/**
	 * @see HttpServlet#doPost(HttpServletRequest request, HttpServletResponse response)
	 */
	protected void doPost(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
		// TODO Auto-generated method stub
		try {
			processRequest(request, response);
		} catch (NoSuchAlgorithmException e) {
			// TODO Auto-generated catch block
			e.printStackTrace();
		}
	}

}
